JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 152.42.167.158

152.42.167.158 was found in our database!

This IP was reported 27 times. Confidence of Abuse is 100%: ?

100%

ISP	DigitalOcean, LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS14061
Domain Name	digitalocean.com
Country	🇸🇬 Singapore
City	Singapore

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 152.42.167.158

Whois 152.42.167.158

IP Abuse Reports for 152.42.167.158:

This IP address has been reported a total of 27 times from 21 distinct sources. 152.42.167.158 was first reported on June 18th 2026, and the most recent report was 4 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-19 06:08:25 (4 hours ago)	(mod_security) mod_security (id:225170) triggered by 152.42.167.158 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:225170) triggered by 152.42.167.158 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 19 02:08:21.727469 2026] [security2:error] [pid 29524:tid 29524] [client 152.42.167.158:0] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|hvacs-aircon.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "hvacs-aircon.com"] [uri "/wp-json/wp/v2/users/me"] [unique_id "ajTc1TNBLKhDqU_TVz_mqwAAABY"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-19 05:08:16 (5 hours ago)	<jail> banned by fail2ban	Brute-Force Web App Attack
🇹🇭 MWA SOC	2026-06-19 03:29:36 (6 hours ago)		Hacking
Anonymous	2026-06-19 00:53:13 (9 hours ago)	2026-06-19T02:53:13.605059+02:00 zanati wp(www.sahpa.co.za)[4820]: Blocked authentication attempt fo ... show more 2026-06-19T02:53:13.605059+02:00 zanati wp(www.sahpa.co.za)[4820]: Blocked authentication attempt for LisaNcube from 152.42.167.158 ... show less	Web App Attack
🇫🇷 tilellit.pro	2026-06-18 23:20:56 (11 hours ago)	Fail2Ban banned 152.42.167.158 for security violations in jail wp-armour. Log: 2026/06/18 23:20:56 [ ... show more Fail2Ban banned 152.42.167.158 for security violations in jail wp-armour. Log: 2026/06/18 23:20:56 [error] FastCGI sent in stderr: "PHP message: [WP_ARMOUR_BAN] IP: 152.42.167.158 \| Target: wplogin" , client: 152.42.167.158, server: [REDACTED], request: "POST /wp-login.php HTTP/1.1", upstream: [REDACTED], host: [REDACTED], referrer: "https://comerciogallego.es/wp-admin/" ... show less	Web Spam
🇺🇸 TPI-Abuse	2026-06-18 21:33:54 (12 hours ago)	(mod_security) mod_security (id:225170) triggered by 152.42.167.158 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:225170) triggered by 152.42.167.158 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 18 17:33:47.088345 2026] [security2:error] [pid 27185:tid 27203] [client 152.42.167.158:61651] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|www.myrtlebeachdiet.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.myrtlebeachdiet.com"] [uri "/wp-json/wp/v2/users/me"] [unique_id "ajRkO-oVhYuQe32GGtMI7gAAAAg"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 ELYAZ	2026-06-18 21:13:17 (13 hours ago)	(y4) Failed scan -byebye- from 152.42.167.158 (SG/Singapore/-): (CF_ENABLE)	Hacking
Anonymous	2026-06-18 19:41:03 (14 hours ago)	152.42.167.158 - - [18/Jun/2026:21:39:33 +0200] "POST /xmlrpc.php HTTP/1.1" 200 420 "https://www.goo ... show more 152.42.167.158 - - [18/Jun/2026:21:39:33 +0200] "POST /xmlrpc.php HTTP/1.1" 200 420 "https://www.google.com" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.85 Safari/537.36" 152.42.167.158 - - [18/Jun/2026:21:39:34 +0200] "POST /xmlrpc.php HTTP/1.1" 200 206 "https://www.google.com" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.85 Safari/537.36" 152.42.167.158 - - [18/Jun/2026:21:40:11 +0200] "POST /xmlrpc.php HTTP/1.1" 200 420 "https://www.google.com" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.85 Safari/537.36" 152.42.167.158 - - [18/Jun/2026:21:40:12 +0200] "POST /xmlrpc.php HTTP/1.1" 200 206 "https://www.google.com" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.85 Safari/537.36" 152.42.167.158 - - [18/Jun/2026:21:41:01 +0200] "POST /xmlrpc.php HTTP/1.1" 200 420 "https://www ... show less	Brute-Force Web App Attack
🇧🇪 taivas.nl	2026-06-18 19:32:15 (14 hours ago)	Wordpress_xmlrpc_attack	Bad Web Bot
🇫🇷 dynamix	2026-06-18 19:21:30 (15 hours ago)	WordPress wp-login.php Brute Force Attack	Brute-Force Web App Attack
🇨🇦 electronico	2026-06-18 18:48:02 (15 hours ago)	152.42.167.158 - - [19/Jun/2026:05:48:01 +1100] "GET /wp-login.php HTTP/1.1" 403 5922 "https://cttmd ... show more 152.42.167.158 - - [19/Jun/2026:05:48:01 +1100] "GET /wp-login.php HTTP/1.1" 403 5922 "https://cttmd.nc/wp-admin/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.85 Safari/537.36" 152.42.167.158 - - [19/Jun/2026:05:48:01 +1100] "POST /wp-login.php HTTP/1.1" 403 2107 "https://cttmd.nc/wp-admin/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.85 Safari/537.36" 152.42.167.158 - - [19/Jun/2026:05:48:02 +1100] "GET /wp-admin/ HTTP/1.1" 302 443 "https://cttmd.nc/wp-admin/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.85 Safari/537.36" ... show less	Brute-Force Web App Attack
🇺🇸 oralunal	2026-06-18 17:30:07 (16 hours ago)	IP banned by Fail2Ban in jail ente-suss ente.com-ssl_log mvfnds ...	Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-18 15:08:28 (19 hours ago)	(mod_security) mod_security (id:225170) triggered by 152.42.167.158 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:225170) triggered by 152.42.167.158 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 18 11:08:24.183251 2026] [security2:error] [pid 32756:tid 32756] [client 152.42.167.158:58002] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|emelecsrl.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "emelecsrl.com"] [uri "/wp-json/wp/v2/users/me"] [unique_id "ajQJ6GbFDwsJkmci49Q6-QAAAAo"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-18 14:28:22 (19 hours ago)	(mod_security) mod_security (id:225170) triggered by 152.42.167.158 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:225170) triggered by 152.42.167.158 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 18 10:28:17.567220 2026] [security2:error] [pid 4201:tid 4201] [client 152.42.167.158:52830] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|804web.net\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "804web.net"] [uri "/wp-json/wp/v2/users/me"] [unique_id "ajQAgfSlMip1bOaT8iDsZgAAAAY"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-18 12:39:57 (21 hours ago)	(mod_security) mod_security (id:225170) triggered by 152.42.167.158 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:225170) triggered by 152.42.167.158 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 18 08:39:50.375620 2026] [security2:error] [pid 8045:tid 8088] [client 152.42.167.158:49318] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|transitionalcareservices.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "transitionalcareservices.com"] [uri "/wp-json/wp/v2/users/me"] [unique_id "ajPnFn2wlkzt-S3saKp2cgAAAUM"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 27 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇦🇺 223.27.18.80

🇬🇧 209.38.165.186

🇬🇧 195.206.182.213

🇮🇷 185.180.131.9

🇮🇸 185.40.122.250

🇺🇸 172.253.2.18

🇧🇷 170.239.52.212

🇮🇳 103.139.191.61

🇸🇪 89.255.239.96

🇺🇸 40.124.184.27

🇧🇪 34.77.135.159

🇧🇪 34.53.219.86

🇺🇸 23.254.221.235

🇰🇷 14.55.31.113

🇺🇸 173.255.210.89

🇬🇧 167.99.80.4

🇺🇸 167.99.54.222

🇨🇳 122.236.226.203

🇱🇹 81.30.98.44

🇵🇭 49.145.45.194